$ rpki-client -vvf rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft File: 2h2yzTH0VPaVYdhmXck--BLzl7A.mft (raw, json) Hash identifier: VXMGFZ21j9E26MM3CMsfEdCDnj+IiRqZgOrq/F41h7U= Subject key identifier: 53:39:19:67:5C:D4:D8:59:BE:A1:A2:88:FF:31:CB:ED:10:33:CF:A3 Authority key identifier: DA:1D:B2:CD:31:F4:54:F6:95:61:D8:66:5D:C9:3E:F8:12:F3:97:B0 Certificate issuer: /CN=A919A7CA/serialNumber=DA1DB2CD31F454F69561D8665DC93EF812F397B0 Certificate serial: 014B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft Manifest number: 0141 Signing time: Mon 21 Jul 2025 04:28:23 +0000 Manifest this update: Mon 21 Jul 2025 04:28:23 +0000 Manifest next update: Mon 28 Jul 2025 04:28:23 +0000 Files and hashes: 1: 2h2yzTH0VPaVYdhmXck--BLzl7A.crl (hash: eSQ5LpQgQAPKRjAsJm/nIDTKUy8Kd7XfH/mnplEarK0=) 2: 730B201A81E911EEAEFE7735C4F9AE02.roa (hash: s0CFqQaJE4zfLQbz4CeHwWhJkg8L6CDsaxGgDdisTeI=) 3: 4317395081E611EE9EFE132BC4F9AE02.roa (hash: tQp/nzqfCovKInVuREO99dY4qu3efR3x/X9HpDvqlY0=) 4: E71AB92A7F7D11EE8C183162C4F9AE02.roa (hash: Dsh7pIT1SQfv6ivkNmsm2ZCHRytBDFAmEgjeRNzC7do=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.crl rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 04:28:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 331 (0x14b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919A7CA, serialNumber=DA1DB2CD31F454F69561D8665DC93EF812F397B0 Validity Not Before: Jul 21 04:28:23 2025 GMT Not After : Jul 28 04:28:23 2025 GMT Subject: CN=687dc1e7-876f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:50:17:c9:d4:a5:ca:f3:2b:5f:e1:b8:01:d6: 6a:ce:4b:79:c6:0f:00:59:9d:34:62:55:ab:ef:fc: 13:42:78:d6:6a:71:78:f2:2e:47:99:33:ac:9d:84: af:5f:2a:17:d7:16:38:67:cf:09:7e:f9:76:61:d1: 81:ae:8a:bd:d8:4b:a7:02:99:c9:12:06:78:d9:67: 01:cd:65:78:8c:26:d0:e8:8a:fb:c5:2c:3f:6b:ed: 9f:01:14:98:c9:d1:f9:bb:4a:57:bf:cd:e2:0d:e9: b6:67:e0:71:fa:be:d0:62:c5:f2:4a:b3:99:aa:e3: c4:5e:fc:bf:80:db:09:5f:ed:1c:ba:43:7a:7d:1b: 29:3d:55:ad:05:ac:fe:ad:a8:5b:a3:86:d7:fb:82: d1:4a:98:6f:f9:0a:ce:9c:b7:5d:bb:50:cf:25:67: a9:d5:63:cf:40:d3:67:0a:a7:24:c6:4a:2f:8a:3d: 76:f0:e0:73:0d:ef:92:ed:82:aa:dc:2e:6c:3b:d1: a4:62:9d:e1:45:73:b7:0f:f8:3f:30:64:c1:f8:64: 94:04:86:47:17:02:75:d0:09:38:d8:8a:33:73:bd: 6b:57:40:8d:a3:d8:81:e6:25:81:5b:fb:ef:54:24: 7b:ae:10:00:71:48:9a:8b:26:8c:3a:de:5e:bc:05: 74:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:39:19:67:5C:D4:D8:59:BE:A1:A2:88:FF:31:CB:ED:10:33:CF:A3 X509v3 Authority Key Identifier: keyid:DA:1D:B2:CD:31:F4:54:F6:95:61:D8:66:5D:C9:3E:F8:12:F3:97:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:e3:1b:5a:08:f9:1b:1a:49:94:d3:7b:58:b2:10:19:8b:28: da:8b:e9:48:13:08:af:c7:00:89:40:c9:b6:5d:94:7f:9e:11: 39:27:97:59:f0:aa:e8:4e:64:8f:0d:f2:56:00:df:ec:95:44: 6f:92:e0:54:42:10:25:d1:48:e5:e5:75:c0:e2:ed:d7:88:6b: c2:5f:fb:2d:d7:9c:9a:c5:4f:11:8f:0e:65:b6:cf:22:d4:2e: 76:43:74:b7:81:d5:73:a5:e8:ed:c0:db:31:a9:19:26:36:1a: 68:d3:5f:ce:2c:71:36:89:c6:c0:f2:dd:03:3e:21:dd:3f:cb: 57:6b:8c:be:ed:7c:e8:fd:97:e6:86:2a:5e:d1:3b:c1:9b:08: 09:38:5e:5c:7d:a8:48:c1:14:44:20:20:4b:9e:a3:a7:c4:2a: 84:61:fb:ac:4c:3f:1a:b5:d6:07:0b:97:79:76:51:16:0a:a6: 67:a2:14:88:60:c4:5f:3c:18:3d:b3:c3:bb:14:59:b8:ad:d3: 0d:2a:c7:d6:ac:a8:af:2b:7a:6a:58:74:b5:a4:53:e2:1a:7a: 8d:b1:a2:1d:a7:52:f2:fd:b0:4c:0e:9a:7c:56:f0:ce:d4:cd: 12:64:f2:ce:87:de:18:bc:91:51:28:ae:7c:87:63:47:70:0b: df:a6:b5:54 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUE3Q0ExMTAvBgNVBAUTKERBMURCMkNEMzFGNDU0RjY5NTYxRDg2NjVEQzkzRUY4 MTJGMzk3QjAwHhcNMjUwNzIxMDQyODIzWhcNMjUwNzI4MDQyODIzWjAYMRYwFAYD VQQDEw02ODdkYzFlNy04NzZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxlAXydSlyvMrX+G4AdZqzkt5xg8AWZ00YlWr7/wTQnjWanF48i5HmTOsnYSv XyoX1xY4Z88Jfvl2YdGBroq92EunApnJEgZ42WcBzWV4jCbQ6Ir7xSw/a+2fARSY ydH5u0pXv83iDem2Z+Bx+r7QYsXySrOZquPEXvy/gNsJX+0cukN6fRspPVWtBaz+ rahbo4bX+4LRSphv+QrOnLddu1DPJWep1WPPQNNnCqckxkovij128OBzDe+S7YKq 3C5sO9GkYp3hRXO3D/g/MGTB+GSUBIZHFwJ10Ak42Iozc71rV0CNo9iB5iWBW/vv VCR7rhAAcUiaiyaMOt5evAV0BQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFM5GWdc 1NhZvqGiiP8xy+0QM8+jMB8GA1UdIwQYMBaAFNodss0x9FT2lWHYZl3JPvgS85ew MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTdDQS80Q0Y3RjE1ODdF QjcxMUVFOTYyM0U5MUFDNEY5QUUwMi8yaDJ5elRIMFZQYVZZZGhtWGNrLS1CTHps N0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJoMnl6VEgwVlBhVllkaG1YY2stLUJMemw3QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QTdDQS80Q0Y3RjE1ODdFQjcxMUVFOTYyM0U5MUFDNEY5QUUwMi8yaDJ5elRIMFZQ YVZZZGhtWGNrLS1CTHpsN0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAw4xtaCPkbGkmU03tYshAZiyjai+lIEwivxwCJQMm2XZR/nhE5J5dZ 8KroTmSPDfJWAN/slURvkuBUQhAl0Ujl5XXA4u3XiGvCX/st15yaxU8Rjw5lts8i 1C52Q3S3gdVzpejtwNsxqRkmNhpo01/OLHE2icbA8t0DPiHdP8tXa4y+7Xzo/Zfm hipe0TvBmwgJOF5cfahIwRREICBLnqOnxCqEYfusTD8atdYHC5d5dlEWCqZnohSI YMRfPBg9s8O7FFm4rdMNKsfWrKivK3pqWHS1pFPiGnqNsaIdp1Ly/bBMDpp8VvDO 1M0SZPLOh94YvJFRKK58h2NHcAvfprVU -----END CERTIFICATE-----Generated at Tue Jul 22 05:11:49 2025 by rpki-client